Patch to get new service tickets in preference to using expired
authorSam Hartman <hartmans@mit.edu>
Fri, 10 Jan 2003 01:23:49 +0000 (01:23 +0000)
committerSam Hartman <hartmans@mit.edu>
Fri, 10 Jan 2003 01:23:49 +0000 (01:23 +0000)
service tickets in krb5_get_credentials.

Ticket: 1260

git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@15106 dc483132-0cff-0310-8789-dd5450dbe970

src/lib/krb5/krb/ChangeLog
src/lib/krb5/krb/get_creds.c

index 826cdc08fd680888b802a01600ed890a13e4b900..452950b8dd1249cb302b3271c06e6a1dd4ea22fd 100644 (file)
@@ -1,3 +1,11 @@
+2003-01-09  Sam Hartman  <hartmans@mit.edu>
+
+       * get_creds.c (krb5_get_credentials_core): Patch from Ben Cox
+       <cox-work@djehuti.com> to not use expired service credentials if
+       the endtime is null but instead to search for unexpired
+       credentials.  If none are found, get new credentials.
+       
+
 2003-01-08  Sam Hartman  <hartmans@mit.edu>
 
        * fwd_tgt.c (krb5_fwd_tgt_creds): Don't require hostname to be supplied unless you are using addresses in the ticket.
index 934971076f767e912cc038797cab2dec31823873..cb6d8b1e393faea1edea1e441fbc95d654114f02 100644 (file)
@@ -55,7 +55,13 @@ krb5_get_credentials_core(krb5_context context, krb5_flags options,
 
     memset((char *)mcreds, 0, sizeof(krb5_creds));
     mcreds->magic = KV5M_CREDS;
-    mcreds->times.endtime = in_creds->times.endtime;
+    if (in_creds->times.endtime != 0) {
+       mcreds->times.endtime = in_creds->times.endtime;
+    } else {
+       krb5_error_code retval;
+       retval = krb5_timeofday(context, &mcreds->times.endtime);
+       if (retval != 0) return retval;
+    }
 #ifdef HAVE_C_STRUCTURE_ASSIGNMENT
     mcreds->keyblock = in_creds->keyblock;
 #else